Skip to content
/ cy-cache-js Public

This free-to-use JavaScript drop-in is a caching framework for web pages to reduce overhead while increasing security.

License

GPL-3.0 license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Cydog-Browser/cy-cache-js

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
cycache.js
cycache.js
 
 

Repository files navigation

Cydog Browser CyCache.js

This is a free-to-use javascript drop-in to secure your website. It adds a browser cache to an IndexedDB for every rendered webpage. Pages rendered less than 30 minutes ago are served as an encrypted cache that cannot be modified by the browser.

Installation & Implementation

  1. Download cycache.js
  2. Add to web project (e.g., /js/security/cycache.js)
  3. Include in your HTML before any other scripts:
<head>
  <!-- Existing meta tags -->
  <script src="/js/security/cycache.js"></script>
</head>

Core Protections

Feature Protection Level Impact
Encrypted Caching Critical Prevents cache transit manipulation
Cache Expiration High Inhibits cache at rest attacks
Navigation Interception High Complicates navigation events

Implementation Notes

  1. Opt-out Mechanism:
  • Add data-no-cache attribute to links/forms to bypass cache interceptions
    • Example 1: <a href="/about.html">About Us</a> <!-- Will serve cache -->
    • Example 2: <a href="/secure-page.html" data-no-cache>Secure Page</a><!-- Will not serve cached -->

Performance Impact

  • Minimal runtime overhead (< 2ms initialization)
  • Zero ongoing CPU usage during idle
  • Processing latency only during decryption

Security Considerations

  1. Key Management: The encryption key is hardcoded to interface with our browser extensions. If using your own key, please make sure you:

    • Generate a custom 16-character key for AES-128 here
    • Rotate keys periodically

  2. Sensitive Data: Never cache pages containing sensitive information:

    • User profiles
    • Payment pages
    • Admin interfaces

  3. Cache Validation: Add cache validation logic for dynamic content:

    // Example validation logic
if (url.includes('/dashboard')) {
    return null; // Never cache dashboard
}

Browser Compatibility

This solution works in modern browsers with:

  • IndexedDB support
  • Web Crypto API support
  • Async/await support

Important Notes

  • This implementation intercepts navigation within the same origin only
  • Form submissions are intercepted but not cached
  • Always test before going live with this drop-in

Critical Note: This script supplements but doesn't replace server-side security. Always implement backend caching mechanisms like OPcache and a Web Application Firewall (WAF).

Contribute

Send me a pull request!

See our terms & conditions

Our terms & conditions

Want to know more?

Visit https://cydogbrowser.com

About

This free-to-use JavaScript drop-in is a caching framework for web pages to reduce overhead while increasing security.

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages